package services.security;

import services.exception.AniAuthException;
import utils.SecureUtils;

/**
 * User: yeh
 * Date: 3/11/13
 * Time: 3:20 PM
 * For:  wilddragon
 */
public class AniAuthCodeService {
    public static void checkAuthCodeLegality(String srcAuthCode, String identification, String md5Token, Long reqId){
        String expectedAuthCode = getExpectedAuthCode(identification, md5Token, reqId);
        checkAuthCodeExpectantly(srcAuthCode, expectedAuthCode);
    }
    private static String getExpectedAuthCode(String identification, String md5Token, Long reqId){
        String serverAuthCode = identification + md5Token;
        return SecureUtils.generateHMACString(String.valueOf(reqId), serverAuthCode);
    }
    private static void checkAuthCodeExpectantly(String srcAuthCode, String expectedAuthCode){
        if(!srcAuthCode.trim().equals(expectedAuthCode)){
            throw new AniAuthException("AUTH_CODE_ILLEGAL");
        }
    }
}
